Category: Azure Bicep

Speaking at Microsoft Azure Community User Group – Exploring Azure Bicep Innovation and Microsoft Graph extension

Welcome, Cloud Marathoners!

What an energizing experience to speak at the Microsoft Azure Community User Group! This week, our session was all about exploring Azure Bicep innovation and the powerful new Microsoft Graph extension—with a focus on hands-on learning, community growth, and practical cloud skills.

The Cloud Marathoner Community

We kicked off by sharing the vision behind the Cloud Marathoner community—a movement to help both beginners and seasoned pros upskill, inspire each other, and support underrepresented groups in IT. The goal? To motivate everyone to keep running their cloud learning journey and celebrate each milestone together.

Azure Bicep: The latest advancement in Infrastructure as Code

Azure Bicep is a domain-specific language designed to simplify resource management in Azure. Unlike traditional ARM templates, Bicep offers:

  • Easy-to-read syntax
  • Day-zero support
  • Deep integration with Azure
  • Code reusability through modules
  • Production-ready deployments

We explored how Bicep abstracts over ARM templates, making infrastructure as code more accessible and enjoyable for everyone.

Modularization: Reusability and Teamwork

One of the session’s core themes was modularization—breaking down your infrastructure code into reusable modules. This approach brings:

  • Type safety and IntelliSense
  • Standardization across teams
  • Easier maintenance and deployment
  • Integration with Azure Bicep Registry and Azure Verified Modules

We walked through demos showing how to build and deploy modular Bicep files, highlighting the benefits for both individuals and organizations.

Microsoft Graph Extension: Expanding Bicep’s Power

The latest innovation is the Microsoft Graph extension for Azure Bicep. This extension lets you:

  • Reference and deploy resources beyond native ARM scope (like Microsoft Graph resources)
  • Combine Azure and non-Azure resources in a single Bicep file
  • Simplify complex deployment scenarios with unified declarative modules

We demonstrated how to use the extension to create security groups and managed identities in Microsoft Entra ID, showing the practical steps and best practices for real-world deployments.


Hands-On Demos and Best Practices

Throughout the session, we switched between slides and live demos in Visual Studio Code, showing:

  • How to visualize Bicep deployments with the Bicep Visualizer
  • Quick deployment options via right-click in VS Code
  • Scripted deployments using Azure CLI and PowerShell
  • Troubleshooting common issues (like managed identity delays)
  • How to redeploy for idempotent results

We also discussed leveraging GitHub Copilot for code generation and the importance of baseline knowledge to get the most out of AI tools.

Community Resources and session recording

To keep your marathon going, check out these resources:

Join the Movement!

The Cloud Marathoner community is all about sharing, growing, and supporting each other. Whether you’re just starting out or looking to master the latest Azure innovations, there’s a place for you.

Connect with us, share your feedback, and let’s keep running toward cloud excellence — together!

Azure Spring Clean 2025 – sessions are accepted to present on Governance with Azure Bicep and AKS monitoring trends

Hello, hello my dear friends and community members!

This March month is going to be very busy, as I got notified that one of my solo sessions, and one joint session with Kasun – a Microsoft MVP and Docker captain – has been accepted, two weeks ago. And most importantly, I will be folding my sleeves to start preparations for the following sessions:

  • The Future of AKS Monitoring: Trends and tools you can’t ignore
  • Tips and tricks to automate resource governance with Azure Bicep

What to expect from a session – Future of AKS Monitoring?

In this session, we dive deep into the evolving landscape of Azure Kubernetes Service (AKS) monitoring — exploring the latest trends, essential tools, and best practices to future-proof your observability strategy.

What you’ll learn in this session:

✅ Current state of AKS monitoring: Azure Monitor, Log Analytics, Prometheus, and more.
✅ Must-have tools: Grafana, Azure Managed Prometheus,
✅ Best practices for designing scalable, high-availability monitoring solutions
✅ Live demo: Setting up Prometheus + Grafana on AKS and integration

What to expect from a Governance with Bicep session?

In this new session, you will learn how to simplify resource governance, ensure compliance, and easily maintain control over your Azure environment.

I have following key topics included in the session:
✅ Basics of Azure Policy and its core components
✅ Creating and managing policy definitions and assignments
✅ Leveraging built-in policies and custom policy creation
✅ Integrating Azure Bicep for efficient resource deployment and governance
✅ Real-world examples and use cases

Call to Action

Don’t miss these sessions during the March month, and as always, you are welcome to provide feedback or ask questions.

Reference post with links to the recorded session – The Future of AKS Monitoring: Trends and tools you can’t ignore.

Another reference post to a recorded session – Tips and tricks to automate resource governance with Azure Bicep.

New session announcement – Are you interested to unlock your AKS skills with Azure bicep language?

Hello Cloud Marathoner friends!

If you are into managed Kubernetes services and Infrastructure as a Code implementation on Microsoft Azure, then keep reading.

Session Announcement

Next week. join our tech-savvy workshop with Kasun Rajapakse, an Azure MVP and Docker Captain. In this festive session for the Festive Tech Calendar event, we will unwrap the wonders of Azure Kubernetes Service (also known as AKS) provisioning using the Bicep language and showcase the latest AKS features.

What will be covered?

In this jolly session, we’ll delve into the secrets of deploying AKS clusters with Bicep, turning your cloud infrastructure into a winter wonderland of efficiency and scalability. Whether you’re an experienced elf or a newbie on Santa’s list, this session is perfect for everyone eager to harness the power of Azure Kubernetes Service.

What you need to do before session?

Get ready to sleigh your cloud game with our festive demonstrations of AKS features. Deck the halls with knowledge and cheer as we bring the magic of AKS and Bicep to life!

Call to Action

Please come prepared to our session with your great questions on gears and skills that elves need to learn about. Your help to get them prepared will be appreciated very deeply.

Join elves for a holly jolly tech adventure session with the details below:

📆 Event Date: Dec 21, 10 am EST
📌 YT Channel 👉 https://lnkd.in/ehkCwVep
🐈‍⬛ GitHub repo 👉 https://lnkd.in/eUUTxBhE

Achieving new milestone with #CloudMarathoner community members and Bicep contributors!

Hello my dear friends!

Thank you to everyone 👨‍👩‍👧‍👦 who joined the #CloudMarathoner community and always support us in this great learning journey to empower learners ⛅🏃‍♂️🏃‍♀️!

We are continuing sharing awesome Cloud knowledge, skills and experiences in 2024 with a great contribution from all of you 💪

Latest stats on members

Our #CloudMarathoner #community has grown into more than 2000+ members!
Huge Thanks for #sharing posts and making this happen 🙌 🎉🎈

🎯 The fact is that in the last month alone, we added 81+ new members to our growing #cloudcommunity. Our reach to the new learners is just accelerating every week and month due to your shadings.

Highlight on some community members

Our strong team members like Hugo Barona Katerina Chernevskaya Dwayne, Jackson Felden, Kasun Rajapakse, Anuradha Samaranayake, Maria Ashby, Martin Dimovski, John Lokerse, John Hart, Dan Rios, 🚀Dries V.., Ahmad KANAAN, Akshay Arun Mandlik, Janusz Nowak, Luke Murray, Sam Cogan, Christopher Maneu, Matt Willson, @kewalaka, Sarah Lean,
Ahmad Abdalla, @RehabAbotalep, Sebastian Gräf, Joseph Thompson, Ravikanth Chaganti, Evgeny R., and Andrii Molchanov stepped up the game with numerous contributions👏

Bicep and Iac Resources

Check out a curated list of blogs, videos, tutorials, code, tools, scripts, and anything useful to help you learn Microsoft #AzureBicep 💪 language 👉 https://lnkd.in/e58nEfbd SharingIsCaring ❤️️

Subscribe to a #CloudMarathoner hashtag on LinkedIn platform 👏👀
Stay tuned for more Cloud, Automation & Security-related posts.

Azure Spring Clean 2024 – Integrate testing process into your Azure Bicep code

Hello Cloud Marathoners!

Hope you are all doing great and excited about this year’s Azure Spring Clean 2024 event!

In this episode, I will share our new #AzureBicep session with amazing community members like you and my partner in crime, Microsoft Azure MVP Kasun Rajapakse.

🎯 Teaser description of what you could expect:

Embrace the power of comprehensive testing by integrating it seamlessly into your Azure Bicep code!
In this session, we will experiment with some testing strategies that allow you to weave testing processes effectively into your Azure Bicep infrastructure-as-code (IaC) development.

We’ll explore the pivotal role of testing in ensuring the reliability, scalability, and security of your Azure deployments. You will learn how to get started with Bicep-specific unit testing frameworks that complement your Bicep code, enabling you to detect and rectify potential issues at an early stage of development.

Please, feel free to each this session below:

Do you have a feedback?

Please, submit your comments on our LinkedIn post here.

Festive Tech Calendar session – The 12 Bicep 💪 Tips of Christmas

Hi friends,

I hope everyone has a joyful festive season with family and has more than one reason to celebrate. In the spirit of the season, We (#cloudmarathoner community) rolled our sleeves and produced two sessions for the Fesive Tech Calendar 2023 event.

The first session – “The 12 Bicep 💪 Tips of Christmas: Best Practices for Azure Deployment” is done in collaboration with Kasun Rajapakse – a Microsoft Azure MVP and a #cloudmarathoner community contributor.

In this session, we invite you to take a trip to Azure with ‘The 12 Bicep Tips of Christmas: Best Practices for Azure Deployment.’ We encourage you to open the present of knowledge as we show you the ropes and help you use Azure Bicep to its best potential. By joining us you will spread good cheer for a prosperous and trouble-free Azure experience this holiday season in honor of efficient cloud management.

Don’t forget to check our recorded session to learn about those sweet 12 Tips and tricks to enhance your Azure Bicep skills > https://youtu.be/xjwq6wVvoRE?feature=shared

This session has been also shared on our LinkedIn post as a Day 23 event session.

Wish you all Happy Holidays and Happy New Year !!!

How could you easily create new pre-configured 🚀 Azure subscriptions that meet your organization’s specific needs ⁉ 🤔

Hello, dear #CloudMarathoner community!

If you have been implementing your customers with the management of enterprise subscriptions and policies, then it is a pretty common need to automate the provisioning of those subscriptions in a controlled and secure manner.

The good news is that you don’t have to reinvent the wheel and do everything from scratch. The Microsoft team that is behind the Azure Landing Zones implementation has a good reference that could tremendously help you.

Microsoft Global Customer Success team

Have you ever checked the subscription vending IaC Modules from the Microsoft Global Customer Success team (the same team behind Azure Landing Zones)?

Subscription Vending IaC Modules

Well, if not then Subscription Vending IaC Modules are available for you in two popular infrastructure-as-code (IaC) tools: Bicep and Terraform.
AND designed to help you implement the best practices for subscription provisioning.

Why use these modules?

Using these modules, you can quickly and easily provision new Azure subscriptions that are pre-configured to meet your organization’s specific needs. The modules include parameters/variables for Role-Based Access Control, Networking, Tags, and more.

📌 Check out the Bicep 💪 Landing Zone vending module for Azure a GitHub repo 👉 https://lnkd.in/dJRiK5yG

📌 Check out the Terraform landing zone vending module for Azure a GitHub repo 👉 https://lnkd.in/dtndsfXr #sharingiscaring ❤️

In Summary

So, what is your preferred way to provision Azure subscriptions ⁉ 🤔
Please, share your feedback 💬 in the comments or in the following LinkedIn post.

How could you implement microservices in practice with Node.js, Docker 🚀 in Azure with 💪 Bicep power ⁉ 🤔

Hello #CloudMarathoner community!

Recently, I have been asked for a reference on how to implement a microservices architecture from code to production, using an open-source stack with Azure.

Node.js Microservices Workshop

I am really glad to discover and test the following workshop >> Microservices in practice with Node.js, Docker and Azure.

In this workshop, you will build a complete application including a website with authentication and 3 microservices, deploy it to Azure using a CI/CD pipeline, monitor and tune the scaling of our services, and use log tracing to debug issues.

And yes, all that is done without needing to use Kubernetes while using the #AzureBicep 💪 for #infrastructureascode (IaC) and deployment!

💡 Check the details in the GitHub repo 👉 https://lnkd.in/eBZTMw5V #sharingiscaring ❤️

Alternative Approach

This workshop approach is one of many ways to get started with Node.js Microservices in Azure. But, I am interested to hear from you.

What is your preferred way to implement microservices in Azure ⁉ 🤔
Please, share your feedback 💬 in the comments or in the following LinkedIn post.

In Summary

I hope you will enjoy this reference architecture and the @GitHub code repo. More importantly, you got a chance to learn something new. Hopefully, you’ll be able to take this knowledge back to your projects and improve your solutions.

Zero to Hero: Secure IaC with Bicep

Hello dear friends,

I would like to welcome everyone who is landed on this page to check out the Azure Spring Clean 2023 event and Learn new cloud skills!

Before kicking off the topic, I would like to start with a “THANK YOU” message for the organizers of the event; especially for Joe, Thomas, and everyone who is involved in making this event a successful experience for everyone!

Note:

Introduction

In the spirit of Azure Spring Clean, we will explore how to organize Azure Security Services using the infrastructure-as-Code (IaC) approach with Azure Bicep.

We will look into how you could declaratively define and deploy your Azure security resources including Azure Policies to tackle real-world business problems. So, get yourself ready for simple yet powerful demos that will turn you into a hero.

And don’t worry, if you are new to Azure Bicep as we will have a super express introduction to this new IaC language to get you started with fundamentals.

By the way, if you are super new to Azure Bicep then please check the following YT recording – “What is new in Azure Bicep language?”

What is Azure Bicep

Azure Bicep is a new declarative Domain Specific Language (DSL) for provisioning Azure resources. The purpose of Azure Bicep is to simplify the resource creation and management experience with a cleaner syntax and more code reuse.

Declaring resources as IaC

There are many benefits in declaring and managing cloud infrastructure resources as a code. It provides benefits, such as increased compliance, visibility, controlled deployments and versioning of changes that get deployed into your cloud environments.

The following screenshot demonstrates how Azure Bicep declares cloud resources on the left side of the panel:

Organizing cloud resources

No matter how small or big is your project, taking time to think through the approach of how to organize your digital assets is an important task. In Microsoft Azure, you would need to consider a couple of points while trying to make this decision. Namely, you would need to consider the following factors:

  • Resource Governance approach
  • Management scopes
  • IaC management options
  • Modules, ACR, Template Specs, etc.

Azure Policies for governance

The Azure Policies are assigned with a unique mission to guard the compliance aspect of your cloud resources and workloads. It evaluates resources at specific times (by default happens every 24 hours) during the resource lifecycle changes and the policy assignment lifecycle updates.

Thus, whenever you get a resource created, updated, or deleted within a scope of the monitored compliance, or if you update/create an Azure policy then the compliance evaluation cycle will determine the compliance of these changes by auditing, blocking, or allowing the action to be performed.

Securing storage account options

Note: this section of the post is in progress…
It will be presented with the screenshots and GitHub repo for you.
Stay tuned, and check in a few days 😉


video & Demo – a sweet combo

In the video below, I briefly cover the posted information in this blog post which also includes the instructions on how to run the demo and get the scripts to deploy Azure Policies for your Tag Governance scenario.

Without any overdue, here is the video that should be available to you:

The following image is a screenshot from the slide that demonstrates the Bicep code that declares the policy definition and initiative, with the final view of deployment on the Azure portal.


Please, feel free to check out the GitHub repo – Learn Azure Bicep.

Summary

Thank you so much for reading this post and learning about Azure security and compliance and how IaC language Azure Bicep can help you in this journey. This is a bit different perspective to strengthen your resource/workload compliance on Azure using IaC approach.

Please, keep up the good work by securing your organizational and customer cloud environments!

Troubleshooting steps with the Azure Bicep Insert and system path errors

Hello Cloud Marathoners!

I have been getting a strange error on the Azure Bicep Insert functionality on my laptop, while it was working as expected on my work laptop.

Thus, I started to compare Azure Bicep versions and extension plugin versions on VS Code. Even though, both have the same versions, I was getting the following errors:

ChainedTokenCredential failed due to an unhandled exception

“Caught exception fetching resource: The ChainedTokenCredential failed due to an unhandled exception: Azure CLI authentication failed due to an unknown error. See the troubleshooting guide for more information.”

After a couple of hours of troubleshooting, I was getting a different error:

“Caught exception fetching resource: The ChainedTokenCredential failed due to an unhandled exception: Azure PowerShell authentication failed due to an unknown error. See the troubleshooting guide for more information.”

I was not sure what was wrong, and thus I opened a GitHub issue on Azure/Bicep. Link to the issue: https://github.com/Azure/bicep/issues/9911

Not an Authentication issue

First thing first, I have eliminated the possibility of Azure authentication not working on my VS Code, by running the following commands and seeing the results:

Issues that helped to dig for a fix

I was seeing an error: “The system cannot find the path specified.”. This was in my Windows Command Prompt and PowerShell consoles.

Here are the screenshots of the errors that I was seeing:

Resolving path issues

First, I checked all my paths in Environment Variables on my Windows laptop, and there were 1-2 unresolved paths that I removed.

Cleanup of the Registry AutoRun

The next step was removing any Auto Run values that I may have in Win Registry.
This last step was helpful to resolve all the errors on Windows Command Prompt and PowerShell.

In Summary

At the end of the troubleshooting and after a couple of hours of banging my head into the wall, I was happy that the Path and “ChainedTokenCredential failed” issues had been resolved.

Thank you for reading my post and I hope this post has helped you to troubleshoot the issues that you may have.

If your issue is still not resolved after following my post, please reach back to me.